Black Iris AI · Investigation Engine

When the attack is over,
the investigation begins.

Black Iris is the AI engine behind identiqa Intelligence. Built for forensic analysis, attribution, and post-incident reconstruction — for law enforcement, government investigators, and incident response teams who need answers that hold up in court.

Court-ready · Evidence integrity by design
Sovereign · Single-tenant, EU-only deployment
Air-gappable · For classified environments
Auditable · Every inference logged & signed

The thesis

Defense and investigation aren't
the same problem.

A defense engine optimizes for one thing: stop the attack before it lands. Speed over certainty, decisions over evidence. That's how Aura works — and that's the right choice for a perimeter.

Investigation is the opposite job. You already know something happened. Now you need to know what, by whom, in what sequence, with what evidence — to a standard that survives review by lawyers, judges, parliamentary committees, and adversaries with deep pockets and good attorneys.

Black Iris is built for that second job. It's not Aura with a different label. It's a different model with different priorities.

Two engines · One platform

Two minds.
Built for opposite jobs.

We deliberately built two specialist models rather than one stretched thin. Here's how they differ.

Aura · Defense Engine

Stop the attack. Now.

  • Optimized for: Sub-60-second response
  • Trade-off: Speed over deep evidence
  • Output: Mitigation actions in real time
  • Deployment: Multi-tenant cloud
  • Audience: Defenders & CISOs

Black Iris · Investigation Engine

Reconstruct the attack. Completely.

  • Optimized for: Evidentiary completeness
  • Trade-off: Depth over speed
  • Output: Court-ready evidence packages
  • Deployment: Single-tenant, sovereign, optionally air-gapped
  • Audience: Investigators & prosecutors

Core capabilities

What Black Iris actually does.

Six capabilities that map directly to the work investigators do. Each produces structured evidence — not just dashboards.

Forensic Analysis

Reconstructs attack timelines from logs, network captures, disk artifacts, and memory dumps. Identifies what happened, in what order, on what systems.

Output: Timeline reports · Artifact inventories · Hash-verified evidence

Threat Intelligence

Continuous correlation across thousands of indicators — campaign patterns, infrastructure overlap, malware family signatures — to position individual incidents in the broader threat landscape.

Output: Campaign reports · IOC packages · STIX/TAXII feeds

Incident Response

Live investigation support during active incidents. Containment recommendations, spread analysis, exfiltration tracking — all aligned with NIST SP 800-61 and ISO 27035 frameworks.

Output: Incident playbooks · Containment plans · Stakeholder briefings

Attribution

Maps technical artifacts to known threat actors using infrastructure fingerprints, code lineage, tradecraft patterns, and language analysis. Confidence levels are explicit, never inflated.

Output: Attribution dossiers · Confidence-graded findings · Counter-evidence sections

Dark Web Monitoring

Surveils underground markets, leak sites, ransomware blogs, and closed forums for stolen data, credential dumps, and emerging threats targeting your jurisdiction or constituents.

Output: Exposure alerts · Marketplace monitoring · Adversary chatter

Strategic Briefings

Periodic intelligence briefings tailored to leadership audiences — government, judiciary, executives. Translates technical findings into operational and policy implications.

Output: Executive briefings · Policy advisories · Trend reports

Investigation workflow

From incident to indictment.

How a typical investigation flows through Black Iris. Every step produces an artifact with verified integrity that can be presented in court or to oversight bodies.

01 · Evidence intake

Logs, packet captures, disk images, memory dumps, malware samples — ingested with cryptographic chain-of-custody from the first moment.

Artifact: SHA-256 hashed

02 · Reconstruction

Black Iris correlates artifacts across systems and time, building a coherent attack timeline with confidence levels for each inferred event.

Artifact: Timeline.json

03 · Attribution

Cross-references infrastructure, tradecraft, and code lineage against threat actor profiles. Each match is graded — high, medium, low confidence — with explicit reasoning.

Artifact: Attribution.dossier

04 · Evidence package

All artifacts, analyses, and inferences are bundled into a court-ready package — with integrity hashes, audit logs, and methodology documentation included by default.

Artifact: Signed bundle

05 · Disclosure & handover

Package handed to investigators, prosecutors, or oversight committees. Methodology is fully documented for adversarial review — no black-box claims.

Artifact: Court ready

Evidence integrity

Built to survive review.

The most damaging thing in court isn't a weak case. It's a strong case undermined by sloppy chain-of-custody. Black Iris is engineered so every artifact, every inference, every action is verifiable end-to-end.

No black boxes. If a defendant's lawyer asks how the model reached a conclusion, we can produce the input, the model version, the inference parameters, the confidence factors, and the methodology — every time.

  • Cryptographic chain-of-custody. Every ingested artifact receives a SHA-256 hash and signed timestamp at the moment of intake.
  • Reproducible inference. Re-running an analysis on the same input with the same model version produces identical output. Always.
  • Versioned models. Every Black Iris release is archived — investigations conducted in 2026 can be re-verified with the exact same model in 2030.
  • Adversarial-review-ready. Methodology, training methodology, and known limitations are fully documented for opposing counsel, oversight bodies, and academic review.

Evidence Manifest · Case INV-2026-0314 · Signed

  • Artifact: memory_dump_host042.raw
  • SHA-256: 7d4a...e8b2
  • Ingested: 2026-03-14 09:42:18 UTC
  • Custody: verified · 14 events
  • Model: black-iris v3.2.1
  • Status: ✓ Reproducible

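
As an added example, not Black Iris code (this page does not publish the product's manifest format), the following Python sketches the chain-of-custody mechanics described above: the artifact is SHA-256 hashed at intake, the intake record (artifact name, hash, timestamp, model version) is signed, each later custody event is hash-chained to its predecessor, and verification fails if the artifact bytes, the intake record or any custody event is altered. The signing key, actors and timestamps are constructed; HMAC-SHA256 stands in for the asymmetric signature a real deployment would use.

```python
import hashlib
import hmac
import json

# Constructed demo key. A production system would sign with an HSM-held asymmetric key.
SIGNING_KEY = b"demo-intake-key-not-for-production"


def canonical(record: dict) -> bytes:
    """Deterministic JSON so the same record always hashes and signs identically."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def sign(record: dict) -> str:
    """Sign the intake record (HMAC-SHA256 stands in for a real signature scheme)."""
    return hmac.new(SIGNING_KEY, canonical(record), hashlib.sha256).hexdigest()


def intake(name: str, content: bytes, ingested: str, model: str) -> dict:
    """Hash the artifact the moment it arrives and sign the intake record."""
    record = {"artifact": name, "sha256": hashlib.sha256(content).hexdigest(),
              "ingested": ingested, "model": model}
    return {"record": record, "signature": sign(record), "custody": []}


def add_custody_event(manifest: dict, actor: str, action: str, ts: str) -> None:
    """Append a custody event whose digest covers the previous link (hash chain)."""
    chain = manifest["custody"]
    prev = chain[-1]["digest"] if chain else manifest["signature"]
    event = {"actor": actor, "action": action, "ts": ts, "prev": prev}
    event["digest"] = hashlib.sha256(canonical(event)).hexdigest()
    chain.append(event)


def verify(manifest: dict, content: bytes) -> bool:
    """Re-check artifact hash, intake signature, and every link of the custody chain."""
    rec = manifest["record"]
    if hashlib.sha256(content).hexdigest() != rec["sha256"]:
        return False
    if not hmac.compare_digest(sign(rec), manifest["signature"]):
        return False
    prev = manifest["signature"]
    for ev in manifest["custody"]:
        body = {k: v for k, v in ev.items() if k != "digest"}
        if body["prev"] != prev or hashlib.sha256(canonical(body)).hexdigest() != ev["digest"]:
            return False
        prev = ev["digest"]
    return True
```

Because every custody digest commits to the previous link, deleting or reordering an event breaks the chain just as surely as editing one.
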
Who uses Black Iris

Where investigation actually happens.

Law Enforcement
Cybercrime units

National and federal cybercrime divisions investigating ransomware groups, financial fraud rings, and cross-border attacks. Evidence packages structured for prosecutorial review and judicial admissibility.

Government
National CERTs & CSIRTs

Computer emergency response teams operating under government mandate. Black Iris supports incident analysis at scale, threat actor tracking, and strategic intelligence briefings for ministerial audiences.

Critical Infrastructure
KRITIS & regulated sectors

Operators of critical infrastructure under NIS2 and national equivalents. When the regulator asks "what happened," Black Iris produces the answer with the evidence to back it up.

Incident Response Firms
DFIR consultancies

Digital forensics and incident response firms operating on behalf of clients. Black Iris accelerates investigation cycles and standardizes evidence quality across consultants and engagements.

Defense & Intelligence
National security

Defense ministries and intelligence services with sovereignty requirements beyond ordinary government. Available in air-gapped, fully on-premise configurations under separate licensing.

Judicial & Oversight
Parliamentary committees

Investigative committees examining state-level cyber incidents, election interference, or critical infrastructure failures. Black Iris evidence methodology is structured for political and judicial scrutiny alike.

For investigators & counsel

Questions investigators ask first.

Is Black Iris's output admissible as evidence?

Black Iris is engineered to support admissibility — but final admissibility is always a judicial determination depending on jurisdiction, case type, and procedural rules. What we provide: cryptographic chain-of-custody from intake, reproducible analyses, fully documented methodology, versioned model archives for re-verification years later, and adversarial-review-ready disclosures. Outputs map cleanly to standards used in EU member states, NATO frameworks, and major Five Eyes jurisdictions. Court-tested deployments are documented under separate confidentiality agreement.

How do you avoid the "black box AI" problem in court?

We don't. Every Black Iris inference produces feature attribution explaining which inputs drove the conclusion, confidence grading with explicit thresholds, methodology documentation written for non-technical reviewers, and reproducibility — running the same analysis again must produce the same result. If we can't explain how a conclusion was reached, we don't present it as evidence.

Can it be deployed air-gapped?

Yes. For defense, intelligence, and certain government deployments, Black Iris ships in air-gapped configurations on dedicated hardware. Updates are delivered via signed offline packages reviewed before installation. Threat intelligence feeds can be pulled through vetted one-way data diodes. This is a separate licensing model with longer onboarding — typically 4-8 weeks including security clearance and integration.

How does attribution confidence actually work?

Black Iris grades attribution into three explicit tiers: high confidence (multiple independent indicators converging, infrastructure overlap with known operations, tradecraft matching), medium confidence (significant indicators present but alternative explanations possible), and low confidence (suggestive but insufficient for assertion). We never claim certainty we can't defend — and every attribution dossier includes a "counter-evidence" section explicitly documenting facts that argue against the conclusion.

What about adversarial AI attacks against Black Iris itself?

Adversarial robustness is treated as a first-class concern. Inputs are validated and rate-limited; high-stakes inferences require ensemble agreement; models are continuously retrained against known evasion techniques; adversarial inputs are flagged and quarantined. For air-gapped deployments, input vectors are dramatically reduced — which is part of why we offer that option to high-threat customers.

Where does Black Iris run?

Black Iris is single-tenant by default. Standard deployments run on dedicated hardware in our EU data centres (Germany, Ireland, Portugal, Cyprus). Customers can specify region restrictions, single-region deployment, or fully isolated tenant clusters. For sovereign customers, on-premise and air-gapped configurations are available. Black Iris never runs on AWS, Azure, GCP, or any US-jurisdiction infrastructure.

How is this different from running Aura on incident data?

Aura is optimized for real-time prevention — it makes fast decisions and prioritizes throughput. Black Iris is optimized for evidentiary completeness — it does deeper, slower, more thorough analysis, produces formal output with chain-of-custody, and runs on data Aura would not see (memory dumps, packet captures, classified intelligence feeds). They share infrastructure philosophy and engineering teams, but they're different models trained for different objectives.

For active investigations only.

Black Iris is not sold through public channels. Engagements begin with a verified-credentials conversation under NDA — typically with cybercrime units, national CERTs, regulated incident response firms, or government bodies with legitimate investigative mandate.